North American Network Operators Group

Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking

  • From: Valdis . Kletnieks
  • Date: Mon Jul 23 14:02:14 2007

On Mon, 23 Jul 2007 11:39:35 EDT, Sean Donelan said:
> messages.  The irc.foonet.com server clearly sends several cleaning 
> commands used by several well-known, and very old, Bots.

Old and well-known bots.  Remember that for a moment, and think "6 month old
antivirus signatures" for a bit....

> service (can't look for help)?  Or should the ISP only disrupt the minimum 
> number of services needed to clean the Bot?

Is there any indication that the commands actually pushed have a *significant*
chance of actually wiping any resident bots, or is it "That's an old worn-out
magic word" time?  It's one thing if 95% of the time, hijacking the connection
and pushing command strings actually cleans a bot up.  It's another thing
entirely if it only works 5 or 10% of the time because most of the bots
currently out there are no longer susceptible to that cleaning method.
